Federal Authorities Target Russian Cyber Group: $10 Million Reward Offered
Federal authorities are offering a reward of up to $10 million for information leading to the identification or location of a Russian state cyber group that has compromised thousands of Signal and WhatsApp accounts belonging to investigative reporters and US government employees.
The operation has been active since at least March, when the FBI published an advisory warning of ongoing phishing campaigns targeting high-value individuals. These attackers are associated with Russian intelligence services, and the tactics employed raise significant concerns about digital security for sensitive communications.
Thousands of Accounts Already Compromised
Once compromised, attackers gain access to new messages sent to the affected account. A notable safety feature of Signal prevents attackers from reading past conversations, but that doesn’t mitigate the risk to sensitive or ongoing communications. The targeted individuals include current and former US government officials, military personnel, political figures, and journalists—groups that typically handle valuable and sensitive information.
In an update from last week, the FBI warned that the campaign had evolved. Attackers are no longer just posing as support bots to trick users into linking their accounts to an attacker’s device. They are now also instructing targets to create a backup of their communications and, in follow-up messages, request the long passcode used to encrypt these backups, effectively giving attackers complete access to previous Signal conversations. The FBI has tracked the two Russian government groups involved as UNC5792 and UNC4221.
One common message reads:
Signal is here
Recently, attempts to hack users of our messenger with the connection of third-party devices to the account have become more frequent.
A joint investigation involving the US government and European partners has revealed that these attacks are also linked to hackers from Iran and other post-Soviet countries.
In light of these developments, Signal has updated its Terms of Service and Privacy Policy. A new Mandatory Two-Factor Verification process has been introduced to enhance user security. The platform encourages users to back up their messages and media, providing step-by-step instructions to do so securely.
If you need acknowledgments, simply follow the path: Settings -> Backups -> Enable backups -> View recovery key -> Copy to clipboard -> Next -> Enter the recovery key -> Next -> Continue -> Choose your backup plan.
Click the “Accept” button in the pop-up and stay tuned for further security updates on our messenger. It’s crucial to prioritize your safety, and Signal aims to maintain its status as the most secure messenger with end-to-end encryption.
If you have any questions, send /help.
For more detailed information about the ongoing phishing efforts and the associated risks, visit this link.
Image Credit: arstechnica.com
